Updating openssl due to security scan

3.49-2 Fixed: Buffer overflow in output option commandline argument (VL-ID 2068) (Hosein Askari) Fixed: Minor fixes 3.48-23 Fixed: on Linux, FTBFS with openssl 1.1.0 3.48-22: Fixed: on Windows, fixed possible DLL local injection (Tunisian Cyber) Fixed: various typos 3.48-21: Fixed: Google RPMs use /usr/bin/google-chrome as program location (Cickumqt) Fixed: Fixed htsserver not dying (immediately) on quit.New: Updated WIN32 Open SSL to 1.0.1j (Evgeniy) 3.48-20: Fixed: webhttrack incompatibility with Chrome 3.48-19: Fixed: assertion failure at htslib.c:3458 (strlen(copy Buff) == q Len) seen on Linux 3.48-18:3.48-18: Fixed: infamous crashes inside the DNS cache due to a corruption within the option structure (E.They can create passwords for the user, or they can let users create their own passwords while verifying the passwords are of adequate strength.

module is used to check a password's strength against a set of rules.

The following section details good practices for creating and managing user passwords within an organization.

If an organization has a large number of users, the system administrators have two basic options available to force the use of strong passwords.

Kalinowski/karbofos) New: added minimalistic crash reporting on Windows and Linux 3.48-17: Fixed: URL list not working anymore (tom swift) Fixed: FTBFS on ARM 3.48-14: Fixed: buggy FFFD (replacement character) in place of leading non-ascii character such as Chinese ones (aballboy) Fixed: FTBFS when compiling with zlib versions string_buffer_capa) 3.48-10 Fixed: injection-proof templates Fixed: htshash.c:330 assertion failure ("error invalidating hash entry") (Sergey) Fixed: Windows 2000 regression (fantozzi.usenet) Fixed: code cleanup (aliasing issues, const correctness, safe strings) New: handle --advanced-maxlinks=0 to disable maximum link limits New: updated ZIP routines (zlib 1.2.8) 3.48-9 Fixed: broken 32-bit version Fixed: assertion "seg Output Size application/x-bittorrent built-in MIME type (alexei dot co at gmail dot com) 3.47-21 Fixed: Mishandling of ' ' in URLs introduced in 3.47-15 (sarclaudio) Fixed: "Wildcard domains in cookies do not match" (alexei dot co at gmail dot com ) Fixed: buggy referer while parsing: the referer of all links in the page is the current page being parsed, NOT the parent page.

(alexei dot com at gmail dot com) 3.47-20 Fixed: Fixed div-by-zero when specifying more than 1000 connections per seconds (probably not very common) 3.47-19 Fixed: more windows-specific fixes regarding 260-character path limit Fixed: escaping issue in top index Fixed: Linux build cleanup (gentoo patches merge, lintian fixes et al.) 3.47-18 Fixed: --timeout alias did not work 3.47-17 Fixed: URL-encoding issue within URI 3.47-15 Fixed: non-ascii characters encoding issue inside query string (lugusto) Fixed: HTML entities not properly decoded inside URI and query string 3.47.14 Fixed: 260-characters path limit for Windows (lugusto) New: openssl is no longer dynamically probed at stratup, but dynamically linked 3.47-13 Fixed: bogus charset for requests when filenames have non-ascii characters (Steven Hsiao) Fixed: bogus charset on disk when filenames have non-ascii characters (Steven Hsiao) New: support for IDNA / RFC 3492 (punycode) handling 3.47-12 Fixed: images in CSS were sometimes not correctly detected (Martin) Fixed: links within javascript events were sometimes not correctly detected (wquatan) Fixed: webhttrack caused bus error on certain systems, such as Mac OSX, due to the stack size (Patrick Gundlach) 3.47-11 Fixed: zero-length files not being properly handled (not saved on disk, not updated) (lugusto) Fixed: serious bug that may lead to download several times the same file, and "Unexpected 412/416 error" errors 3.47-7 Fixed: on Windows, fixed possible DLL local injection (CVE-2010-5252) Fixed: UTF-8 conversion bug on Linux that may lead to buggy filenames 3.47-6 Fixed: memory leak in hashtable, that may lead to excessive memory consumption 3.47-5 Fixed: random closing of files/sockets, leading to "zip_zip Write In File In Zip_failed" assertion, "bogus state" messages, or random garbage in downloaded files Fixed: libssl.dylib is now in the search list for libssl on OSX (Nils Breunese) Fixed: bogus charset because the meta http-equiv tag is placed too far in the html page Fixed: incorrect \machine\dir structure build on Windows (Tom Z) Fixed: do not force a file to have an extension unless it has a known type (such as html), or a possibly known type (if delayed checks are disabled) Fixed: HTML 5 addition regarding "poster" attribute for the "video" tag (Jason Ronallo) Fixed: memory leaks in proxytrack.c (Eric Searcy) Fixed: correctly set the Z flag in hts-cache/file (Peter) Fixed: parallel patch, typo regarding ICONV_LIBS (Sebastian Pipping) 3.46-1 New: Unicode filenames handling Fixed: fixed bug in handling of update/continue with erased files or renamed files, leading to "Unexpected 412/416 error (Requested Range Not Satisfiable)" and/or "Previous cache file not found" (-1)" errors Fixed: escape characters = 128 when sending GET/HEAD requests to avoid server errors Fixed: do not use "delayed" extensions when the mirror is aborting Fixed: generate error pages when needed (Brent Palmer) Fixed: parsing issue with js files due to "script" tags (Vasiliy) Fixed: anonymous FTP without password (Luiz) Fixed: Makefile issues regarding parrallel build and examples (Sebastian Pipping) Fixed: removed deprecated and annoying "Accept-Charset" header in requests (Piotr Engelking) (closes:#674053) 3.45-4 New: source license is now GPLv3 New: added a "K5" feature to handle transparent proxies (Brent Palmer) New: option -y to control ^Z behavior (Julian H.

Leave a Reply